A few days back it was revealed by a security researcher in a post on Medium that the LastPass Authenticator app for 2FA key generation wasn't entirely secure. Access to the keys was ostensibly secured by a PIN/fingerprint, but a workaround was found that allows anyone with the ability to launch an activity on the device, including other installed applications, to access those codes. LastPass has fixed this problem in an update today.

Not a fan of passwords? Microsoft yesterday announced a new feature for users of the Microsoft Authenticator app that allows the sign-in process on Microsoft accounts to be done using a phone instead. Users can link their phone with an account and receive an interactive notification after entering their username, allowing them to bypass the need to input a password.

Setting up and using 2-factor authentication on a Google account used to be a fairly miserable affair. The sign-in process lurched from a native interface into a browser where users were expected to quickly enter codes, various apps weren't compatible and required special 1-time use passwords, and the app for generating codes felt completely unfinished. These days, all of those problems have been solved, and now Google's Authenticator app is even taking steps to further improve its look and usefulness. The latest update brings a great looking refresh to the UI, adds a dark mode, and finally adds its own built-in scanner functionality.

At the end of July, Microsoft took to its Enterprise security blog to announce it was combining its existing authenticator apps into a single Microsoft Authenticator app - that app is now available.

Previously, the tech giant had separate authentication apps for its consumer accounts and the enterprise Azure AD accounts. According to the blog post, this new app combines the best features from the Microsoft accounts and the Azure Authenticator apps into one application. It serves as an update to the current Azure Authenticator, while users of the old Microsoft account app will need to download it after being prompted to do so.

Many of Google's apps are in extremely active development, some are even on weekly update schedules, but there are others that seem practically abandoned until they get that one random update every 6 months or so. With an average of about once per year (so far), Authenticator is easily one of the best examples of the latter group. Given the infrequency of new versions, it's a little disheartening to see that there are no discernable new features in the latest release; but it's actually worse than that, one was even taken away. But don't let this get you down, it looks like this little app may be due for some new tricks soon as it may be entering wireless territory.

Account security is a tough issue for a lot of people. It's a constant balancing act between having a stronger system to keep out would-be invaders while also making it convenient enough that users won't reject it. After Google began offering its own 2-step verification system, several other services adopted the same mechanism and opt-in model for people that wanted more than a single password protecting their personal data. This generally left users with Google's Authenticator app, which got the job done, but it lacked features and languished on an early Holo dark design. If you're looking for something a little more modern and functional, it's time to check out Authy.

Google Authenticator, an important security tool that enables 2-step verification for your Google account, has racked up over 250,000 downloads over its lifetime, which is no small feat for any app in the Play Store. However, a few days ago, that version (previously available here) all of a sudden became obsolete and was consequently silently deleted.

Its replacement, which can be found here, bears version 2 (2.15 to be exact) and offers the following changelog: